Vulnerability Summary for the Week of July 26, 2010
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. NVD is sponsored by CISA. In some cases, the vulnerabilities in the bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available.
Vulnerabilities are based on the Common Vulnerabilities and Exposures (CVE) vulnerability naming standard and are organized according to severity, determined by the Common Vulnerability Scoring System (CVSS) standard. The division of high, medium, and low severities correspond to the following scores:
- High: vulnerabilities with a CVSS base score of 7.0–10.0
- Medium: vulnerabilities with a CVSS base score of 4.0–6.9
- Low: vulnerabilities with a CVSS base score of 0.0–3.9
Entries may include additional information provided by organizations and efforts sponsored by CISA. This information may include identifying information, values, definitions, and related links. Patch information is provided when available. Please note that some of the information in the bulletin is compiled from external, open-source reports and is not a direct result of CISA analysis.
High Vulnerabilities
Primary Vendor -- Product | Description | Published | CVSS Score | Source & Patch Info |
---|---|---|---|---|
adammo -- fat_player | Stack-based buffer overflow in Fat Player 0.6b allows remote attackers to execute arbitrary code via a long string in a .wav file. NOTE: some of these details are obtained from third party information. | 2010-07-28 | 9.3 | CVE-2009-4962 XF VUPEN SECUNIA OSVDB |
alexred -- com_oziogallery | SQL injection vulnerability in the Ozio Gallery (com_oziogallery) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the Itemid parameter to index.php. | 2010-07-28 | 7.5 | CVE-2010-2910 XF EXPLOIT-DB MISC |
apple -- itunes | Buffer overflow in Apple iTunes before 9.2.1 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted itpc: URL. | 2010-07-30 | 9.3 | CVE-2010-1777 CONFIRM APPLE |
brotherscripts -- scripts_directory | SQL injection vulnerability in info.php in ScriptsFeed and BrotherScripts (BS) Scripts Directory allows remote attackers to execute arbitrary SQL commands via the id parameter. | 2010-07-28 | 7.5 | CVE-2010-2905 XF BID EXPLOIT-DB SECUNIA |
brotherscripts -- scripts_directory | SQL injection vulnerability in articlesdetails.php in ScriptsFeed and BrotherScripts (BS) Scripts Directory allows remote attackers to execute arbitrary SQL commands via the id parameter, a different vector than CVE-2010-2905. | 2010-07-28 | 7.5 | CVE-2010-2906 XF EXPLOIT-DB SECUNIA |
christian_ehmann -- event_registr | SQL injection vulnerability in the Event Registration (event_registr) extension 1.0.0 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 2010-07-28 | 7.5 | CVE-2009-4968 VUPEN BID CONFIRM |
cisco -- content_delivery_system | Directory traversal vulnerability in Cisco Internet Streamer, as used in Cisco Content Delivery System (CDS) 2.2.x, 2.3.x, 2.4.x, and 2.5.x before 2.5.7 allows remote attackers to read arbitrary files via a crafted URL. | 2010-07-28 | 7.8 | CVE-2010-1577 CISCO XF VUPEN SECTRACK SECUNIA OSVDB |
elemente -- ast_addresszipsearch | SQL injection vulnerability in the AST ZipCodeSearch (ast_addresszipsearch) extension 0.5.4 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 2010-07-28 | 7.5 | CVE-2009-4966 VUPEN BID CONFIRM |
emophp -- emo_breeder_manager | SQL injection vulnerability in video.php in EMO Breader Manager allows remote attackers to execute arbitrary SQL commands via the idd parameter. | 2010-07-28 | 7.5 | CVE-2009-4958 SECUNIA |
gonzalo_maser -- com_artforms | Multiple SQL injection vulnerabilities in the InterJoomla ArtForms (com_artforms) component 2.1b7.2 RC2 for Joomla! allow remote attackers to execute arbitrary SQL commands via the viewform parameter in a (1) ferforms or (2) tferforms action to index.php, and the (3) id parameter in a vferforms action to index.php. | 2010-07-24 | 7.5 | CVE-2010-2847 XF BID BUGTRAQ EXPLOIT-DB MISC |
google -- chrome | Google Chrome before 5.0.375.125 does not properly mitigate an unspecified flaw in the Windows kernel, which has unknown impact and attack vectors. | 2010-07-28 | 10.0 | CVE-2010-2897 SECUNIA CONFIRM CONFIRM |
google -- chrome | Google Chrome before 5.0.375.125 does not properly mitigate an unspecified flaw in the GNU C Library, which has unknown impact and attack vectors. | 2010-07-28 | 10.0 | CVE-2010-2898 SECUNIA CONFIRM CONFIRM |
google -- chrome | Google Chrome before 5.0.375.125 does not properly handle a large canvas, which has unspecified impact and remote attack vectors. | 2010-07-28 | 10.0 | CVE-2010-2900 SECUNIA CONFIRM CONFIRM |
google -- chrome | The rendering implementation in Google Chrome before 5.0.375.125 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors. | 2010-07-28 | 10.0 | CVE-2010-2901 SECUNIA CONFIRM CONFIRM |
google -- chrome | The SVG implementation in Google Chrome before 5.0.375.125 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors. | 2010-07-28 | 10.0 | CVE-2010-2902 SECUNIA CONFIRM CONFIRM |
google -- chrome | Google Chrome before 5.0.375.125 performs unexpected truncation and improper eliding of hostnames, which has unspecified impact and remote attack vectors. | 2010-07-28 | 10.0 | CVE-2010-2903 SECUNIA CONFIRM CONFIRM |
hp -- openview_network_node_manager | Stack-based buffer overflow in the execvp_nc function in the ov.dll module in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53, when running on Windows, allows remote attackers to execute arbitrary code via a long HTTP request to webappmon.exe. | 2010-07-28 | 10.0 | CVE-2010-2703 HP HP VUPEN SECTRACK SECTRACK BID BUGTRAQ BUGTRAQ VIM SECUNIA OSVDB |
hp -- openview_network_node_manager | Buffer overflow in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allows remote attackers to execute arbitrary code via a long HTTP request to nnmrptconfig.exe. | 2010-07-28 | 10.0 | CVE-2010-2704 HP HP VUPEN BID BUGTRAQ VIM SECUNIA HP |
huruhelpdesk -- com_huruhelpdesk | SQL injection vulnerability in the Huru Helpdesk (com_huruhelpdesk) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the cid[0] parameter in a detail action to index.php. | 2010-07-28 | 7.5 | CVE-2010-2907 XF BID EXPLOIT-DB MISC |
iscripts -- visualcaster | SQL injection vulnerability in flashPlayer/playVideo.php in iScripts VisualCaster allows remote attackers to execute arbitrary SQL commands via the product_id parameter. | 2010-07-24 | 7.5 | CVE-2010-2853 XF BID OSVDB MISC EXPLOIT-DB SECUNIA MISC |
jochen_rieger -- car | SQL injection vulnerability in the Car (car) extension before 0.1.1 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 2010-07-28 | 7.5 | CVE-2009-4967 VUPEN CONFIRM BID |
joomdle -- com_joomdle | SQL injection vulnerability in the Joomdle (com_joomdle) component 0.24 and earlier for Joomla! allows remote attackers to execute arbitrary SQL commands via the course_id parameter in a detail action to index.php. | 2010-07-28 | 7.5 | CVE-2010-2908 XF VUPEN EXPLOIT-DB MISC |
kayako -- esupport | SQL injection vulnerability in index.php in Kayako eSupport 3.70.02 allows remote attackers to execute arbitrary SQL commands via the newsid parameter in a viewnews action. | 2010-07-28 | 7.5 | CVE-2010-2911 XF VUPEN BID EXPLOIT-DB MISC |
kayako -- esupport | SQL injection vulnerability in index.php in Kayako eSupport 3.70.02 allows remote attackers to execute arbitrary SQL commands via the _a parameter in a downloads action. | 2010-07-28 | 7.5 | CVE-2010-2912 XF BID EXPLOIT-DB MISC |
ksplayer -- ksp_sound_player | Stack-based buffer overflow in KSP 2006 FINAL allows remote attackers to execute arbitrary code via a long string in a .M3U playlist file. | 2010-07-28 | 9.3 | CVE-2009-4964 XF VUPEN |
likewise -- likewise_cifs | The pam_lsass library in Likewise Open 5.4 and CIFS 5.4 before build 8046, and 6.0 before build 8234, uses "SetPassword logic" when running as part of a root service, which allows remote attackers to bypass authentication for a Likewise Security Authority (lsassd) account whose password is marked as expired. | 2010-07-28 | 9.3 | CVE-2010-0833 CONFIRM VUPEN UBUNTU BUGTRAQ SECUNIA SECUNIA |
mozilla -- firefox | layout/generic/nsObjectFrame.cpp in Mozilla Firefox 3.6.7 does not properly free memory in the parameter array of a plugin instance, which allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a crafted HTML document, related to the DATA and SRC attributes of an OBJECT element. NOTE: this vulnerability exists because of an incorrect fix for CVE-2010-1214. | 2010-07-30 | 10.0 | CVE-2010-2755 CONFIRM CONFIRM |
ordasoft -- com_booklibrary | SQL injection vulnerability in the BookLibrary From Same Author (com_booklibrary) module 1.5 and possibly earlier for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a view action to index.php. | 2010-07-24 | 7.5 | CVE-2010-2851 XF VUPEN BID BUGTRAQ OSVDB MISC SECUNIA |
schlu.net -- com_quickfaq | SQL injection vulnerability in the QuickFAQ (com_quickfaq) component 1.0.3 for Joomla! allows remote attackers to execute arbitrary SQL commands via the Itemid parameter in a category action to index.php. | 2010-07-24 | 7.5 | CVE-2010-2845 XF BID EXPLOIT-DB MISC |
stefan_koch -- t3m | SQL injection vulnerability in the T3M E-Mail Marketing Tool (t3m) extension 0.2.4 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 2010-07-28 | 7.5 | CVE-2009-4959 VUPEN BID CONFIRM |
sweetphp -- totalcalendar | SQL injection vulnerability in rss.php in TotalCalendar 2.4 allows remote attackers to execute arbitrary SQL commands via the selectedCal parameter in a SwitchCal action. | 2010-07-28 | 7.5 | CVE-2009-4973 MILW0RM |
sweetphp -- totalcalendar | Directory traversal vulnerability in box_display.php in TotalCalendar 2.4 allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the box parameter. | 2010-07-28 | 7.5 | CVE-2009-4974 MILW0RM |
thomas_waggershauser -- air_lexicon | SQL injection vulnerability in the AIRware Lexicon (air_lexicon) extension 0.0.1 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 2010-07-28 | 7.5 | CVE-2009-4965 VUPEN BID CONFIRM |
toughtomato -- com_ttvideo | SQL injection vulnerability in ttvideo.php in the TTVideo (com_ttvideo) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the cid parameter in a video action to index.php. | 2010-07-28 | 7.5 | CVE-2010-2909 XF CONFIRM BUGTRAQ BUGTRAQ EXPLOIT-DB SECUNIA OSVDB MISC |
typo3 -- sbanner | SQL injection vulnerability in the Solidbase Bannermanagement (SBbanner) extension 1.0.1 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 2010-07-28 | 7.5 | CVE-2009-4969 VUPEN BID CONFIRM |
typo3-macher -- t3m_affiliate | SQL injection vulnerability in the t3m_affiliate extension 0.5.0 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 2010-07-28 | 7.5 | CVE-2009-4970 VUPEN BID CONFIRM |
vincent_tietz -- vjchat | SQL injection vulnerability in the AJAX Chat (vjchat) extension before 0.3.3 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 2010-07-28 | 7.5 | CVE-2009-4971 VUPEN CONFIRM BID |
Medium Vulnerabilities
Primary Vendor -- Product | Description | Published | CVSS Score | Source & Patch Info |
---|---|---|---|---|
apache -- http_server | The (1) mod_cache and (2) mod_dav modules in the Apache HTTP Server 2.2.x before 2.2.16 allow remote attackers to cause a denial of service (process crash) via a request that lacks a path. | 2010-07-28 | 5.0 | CVE-2010-1452 MLIST CONFIRM CONFIRM |
boesch-it -- simpnews | Multiple cross-site scripting (XSS) vulnerabilities in news.php in SimpNews 2.47.03 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) layout and (2) sortorder parameters. | 2010-07-24 | 4.3 | CVE-2010-2858 XF BID BUGTRAQ MISC SECUNIA MISC |
boesch-it -- simpnews | news.php in SimpNews 2.47.3 and earlier allows remote attackers to obtain sensitive information via an invalid lang parameter, which reveals the installation path in an error message. | 2010-07-24 | 5.0 | CVE-2010-2859 BUGTRAQ MISC |
danieljamesscott -- com_music | Directory traversal vulnerability in the Music Manager component for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the cid parameter to album.html. | 2010-07-24 | 6.8 | CVE-2010-2857 XF BID EXPLOIT-DB MISC |
gonzalo_maser -- com_artforms | Cross-site scripting (XSS) vulnerability in the InterJoomla ArtForms (com_artforms) component 2.1b7.2 RC2 for Joomla! allows remote attackers to inject arbitrary web script or HTML via the afmsg parameter to index.php. | 2010-07-24 | 4.3 | CVE-2010-2846 XF BID BUGTRAQ EXPLOIT-DB MISC |
gonzalo_maser -- com_artforms | Directory traversal vulnerability in assets/captcha/includes/alikon/playcode.php in the InterJoomla ArtForms (com_artforms) component 2.1b7.2 RC2 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the l parameter. | 2010-07-24 | 5.0 | CVE-2010-2848 XF BID BUGTRAQ EXPLOIT-DB MISC |
google -- chrome | Unspecified vulnerability in the layout implementation in Google Chrome before 5.0.375.125 allows remote attackers to obtain sensitive information from process memory via unknown vectors. | 2010-07-28 | 5.0 | CVE-2010-2899 SECUNIA CONFIRM CONFIRM |
ibm -- filenet_content_manager | IBM FileNet Content Manager (CM) 4.0.0, 4.0.1, 4.5.0, and 4.5.1 before FP4 does not properly manage the InheritParentPermissions setting during an upgrade from 3.x, which might allow attackers to bypass intended folder permissions via unspecified vectors. | 2010-07-28 | 4.3 | CVE-2010-2896 VUPEN CONFIRM SECUNIA |
jared_meeker -- event_horizon | Multiple SQL injection vulnerabilities in modfile.php in Event Horizon (EVH) 1.1.10, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) YourEmail and (2) VerificationNumber parameters. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | 2010-07-24 | 6.8 | CVE-2010-2855 BID SECUNIA |
kelvin_mo -- simpleid | Cross-site scripting (XSS) vulnerability in index.php (aka the log in page) in SimpleID before 0.6.5 allows remote attackers to inject arbitrary web script or HTML via the s parameter. | 2010-07-28 | 4.3 | CVE-2009-4972 CONFIRM CONFIRM CONFIRM OSVDB MISC |
lanai-core -- lanai-core | Directory traversal vulnerability in modules/backup/download.php in Lanai Core 0.6 allows remote attackers to read arbitrary files via a .. (dot dot) in the f parameter. | 2010-07-28 | 5.0 | CVE-2009-4960 XF VUPEN |
lanai-core -- lanai-core | Lanai Core 0.6 allows remote attackers to obtain configuration information via a direct request to info.php, which calls the phpinfo function. | 2010-07-28 | 5.0 | CVE-2009-4961 MILW0RM |
mozilla -- firefox | dom/base/nsJSEnvironment.cpp in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, Thunderbird 3.0.x before 3.0.6 and 3.1.x before 3.1.1, and SeaMonkey before 2.0.6 does not properly suppress a script's URL in certain circumstances involving a redirect and an error message, which allows remote attackers to obtain sensitive information about script parameters via a crafted HTML document, related to the window.onerror handler. | 2010-07-30 | 5.0 | CVE-2010-2754 CONFIRM CONFIRM |
newanz -- newsoffice | Cross-site scripting (XSS) vulnerability in news_show.php in Newanz NewsOffice 2.0.18 allows remote attackers to inject arbitrary web script or HTML via the n-cat parameter. | 2010-07-24 | 4.3 | CVE-2010-2844 XF VUPEN BID MISC MISC |
nusoftware -- nubuilder | Cross-site scripting (XSS) vulnerability in productionnu2/nuedit.php in nuBuilder 10.04.20, and possibly other versions before 10.07.12, allows remote attackers to inject arbitrary web script or HTML via the f parameter. | 2010-07-24 | 4.3 | CVE-2010-2849 CONFIRM XF VUPEN BID OSVDB SECUNIA MISC MISC |
nusoftware -- nubuilder | Directory traversal vulnerability in productionnu2/fileuploader.php in nuBuilder 10.04.20, and possibly other versions before 10.07.12, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the dir parameter. | 2010-07-24 | 6.8 | CVE-2010-2850 CONFIRM XF VUPEN BID OSVDB SECUNIA MISC MISC |
openldap -- openldap | The slap_modrdn2mods function in modrdn.c in OpenLDAP 2.4.22 does not check the return value of a call to the smr_normalize function, which allows remote attackers to cause a denial of service (segmentation fault) and possibly execute arbitrary code via a modrdn call with an RDN string containing invalid UTF-8 sequences, which triggers a free of an invalid, uninitialized pointer in the slap_mods_free function, as demonstrated using the Codenomicon LDAPv3 test suite. | 2010-07-28 | 5.0 | CVE-2010-0211 BID VUPEN VUPEN SECTRACK REDHAT REDHAT CONFIRM SECUNIA SECUNIA SECUNIA |
openldap -- openldap | OpenLDAP 2.4.22 allows remote attackers to cause a denial of service (crash) via a modrdn call with a zero-length RDN destination string, which is not properly handled by the smr_normalize function and triggers a NULL pointer dereference in the IA5StringNormalize function in schema_init.c, as demonstrated using the Codenomicon LDAPv3 test suite. | 2010-07-28 | 5.0 | CVE-2010-0212 VUPEN BID VUPEN SECTRACK REDHAT CONFIRM SECUNIA SECUNIA |
openttd -- openttd | The NetworkSyncCommandQueue function in network/network_command.cpp in OpenTTD before 1.0.3 does not properly clear a pointer in a linked list, which allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a crafted request, related to the client command queue. | 2010-07-28 | 5.0 | CVE-2010-2534 VUPEN BID CONFIRM MISC CONFIRM XF VUPEN MLIST SECUNIA SECUNIA OSVDB FEDORA FEDORA |
oscss -- oscss | Cross-site scripting (XSS) vulnerability in admin/currencies.php in osCSS 1.2.2, and probably earlier versions, allows remote attackers to inject arbitrary web script or HTML via the page parameter. | 2010-07-24 | 4.3 | CVE-2010-2856 XF VUPEN BID MISC SECUNIA OSVDB |
pidgin -- pidgin | The clientautoresp function in family_icbm.c in the oscar protocol plugin in libpurple in Pidgin before 2.7.2 allows remote authenticated users to cause a denial of service (NULL pointer dereference and application crash) via an X-Status message that lacks the expected end tag for a (1) desc or (2) title element. | 2010-07-30 | 4.0 | CVE-2010-2528 CONFIRM XF VUPEN BID OSVDB SECUNIA CONFIRM CONFIRM |
rsa -- federated_identity_manager | Open redirect vulnerability in RSA Federated Identity Manager 4.0 before 4.0.25 and 4.1 before 4.1.26 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unknown vectors. | 2010-07-28 | 6.0 | CVE-2010-2337 CONFIRM XF VUPEN SECTRACK BID SECUNIA OSVDB BUGTRAQ |
sap -- netweaver | Multiple cross-site scripting (XSS) vulnerabilities in the System Landscape Directory (SLD) component 6.4 through 7.02 in SAP NetWeaver allow remote attackers to inject arbitrary web script or HTML via the (1) action parameter to testsdic and the (2) helpstring parameter to paramhelp.jsp. | 2010-07-28 | 4.3 | CVE-2010-2904 MISC XF VUPEN OSVDB OSVDB SECUNIA MISC MISC |
skbuff -- iputils | Unspecified vulnerability in ping.c in iputils 20020927, 20070202, 20071127, and 20100214 on Mandriva Linux allows remote attackers to cause a denial of service (hang) via a crafted echo response. | 2010-07-28 | 5.0 | CVE-2010-2529 VUPEN BID MANDRIVA |
Low Vulnerabilities
Primary Vendor -- Product | Description | Published | CVSS Score | Source & Patch Info |
---|---|---|---|---|
citibank -- citi_mobile | The Citibank Citi Mobile app before 2.0.3 for iOS stores account data in a file, which allows local users to obtain sensitive information via vectors involving (1) the mobile device or (2) a synchronized computer. | 2010-07-30 | 2.1 | CVE-2010-2913 MISC SECTRACK MISC |
isc -- bind | BIND 9.7.1 and 9.7.1-P1, when a recursive validating server has a trust anchor that is configured statically or via DNSSEC Lookaside Validation (DLV), allows remote attackers to cause a denial of service (infinite loop) via a query for an RRSIG record whose answer is not in the cache, which causes BIND to repeatedly send RRSIG queries to the authoritative servers. | 2010-07-28 | 2.6 | CVE-2010-0213 CERT-VN VUPEN SECTRACK BID CONFIRM SECUNIA SECUNIA FEDORA |
jared_meeker -- event_horizon | Multiple cross-site scripting (XSS) vulnerabilities in modfile.php in Event Horizon (EVH) 1.1.10, when magic_quotes_gpc is disabled, allow remote attackers to inject arbitrary web script or HTML via the (1) YourEmail and (2) VerificationNumber parameters, which are not properly handled in a forced SQL error message. NOTE: some of these details are obtained from third party information. | 2010-07-24 | 2.6 | CVE-2010-2854 SECUNIA CONFIRM |
runcms -- runcms | Cross-site scripting (XSS) vulnerability in modules/headlines/magpierss/scripts/magpie_debug.php in RunCms 2.1, when the Headlines module is enabled, allows remote attackers to inject arbitrary web script or HTML via the url parameter. | 2010-07-24 | 2.6 | CVE-2010-2852 XF BID SECUNIA OSVDB MISC |
typo3 -- commerce_extension | Cross-site scripting (XSS) vulnerability in the Commerce extension before 0.9.9 for TYPO3 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. | 2010-07-28 | 3.5 | CVE-2009-4963 VUPEN CONFIRM BID |
Please share your thoughts
We recently updated our anonymous product survey; we’d welcome your feedback.